US State Dept locks down email system after suspected hacker attack

The US State Department has shut down the whole of its unclassified email system after fears a hacker managed to obtain access. An official said none of the departments classified systems were affected while security upgrades are currently taking place.

The official, who was
not authorized to disclose the information, said that
“activity of concern” was discovered by technicians at
around the same time that the White House’s computer system was
also targeted in late October. It was announced that maintenance
would be carried out on the network on Friday, however AP
reported on Sunday that the organization had shut down the
network due to fears that hackers had managed to compromise the
system.

During the outage, personnel within the department were using
Gmail accounts, according to the Washington Post. Security
improvements are currently taking place and the system is
expected to be back online on Monday or Tuesday.

It is not known who may have carried out the attack, though
previous breaches have been blamed on Chinese or Russian hackers. However, there
has been no concrete evidence that Beijing or Moscow is behind
this latest incident.

On October 28, a White House official said a cyber-attack was
detected on a computer system used by the Executive Office of the
President (EOP).

"In the course of assessing recent threats we identified
activity of concern on the unclassified EOP network. Any such
activity is something that we take very seriously. In this case
we took immediate measures to evaluate and mitigate the
activity," the official told Reuters.

The White House is often the target of hackers,
but the one revealed in late October had a more significant
duration, affecting the system’s functionality for nearly two
weeks.

“Certainly a variety of actors find our networks attractive
targets and seek to access to sensitive government information.
We are still assessing the activity of concern, and we are not in
a position to provide any additional details at this time,”
a White House official said in a statement in October.

On November 10, the personal data of more than 800,000 US Postal
Service employees was compromised following a major USPS breach
that was initially attributed to Chinese hackers, the Washington
Post reported.

A non-related report by AP on the same day found that federal
agencies and government contractors in the US had suffered almost
a quarter of a million cyber-attacks during the last year.
However, not all were the result of hackers, but the vast
majority were the result of mistakes by technicians tasked with
keeping their networks safe.

The US spends in the region of $10 billion a year to protect its
systems from hackers; however AP’s investigation has found that
despite the massive resources at their disposal, the efforts have
been largely unsuccessful. Federal agents and contractors alike
are all too guilty of letting systems become infected by clicking
bogus links, accidentally installing malware or otherwise opening
up networks to hackers by way of their own inept operational
security.

“Workers scattered across more than a dozen agencies, from
the defense and education departments to the National Weather
Service, are responsible for at least half of the federal cyber
incidents reported each year since 2010,” the AP wrote,
citing their own internal report on November 10.